[[TOC]]
= RHEL5 cluster.conf Schema Description =
'''Note''': Last Update: 4 December, 2009
== Tag: ==
Attributes:
* `name` (required): The name of the cluster you have configured.
* `config_version` (required): Specifies a revision number for the cluster.conf file.
* In order to successfully propagate a new configuration file, this parameter must be higher than current value, i.e. monotonically increasing order.
* Alias: Pretty name for cluster that is not parsed by cluster tag software; only the gui uses this value.
Example:
{{{
}}}
== Tag: ==
Fence_xvm daemon startup flag.
'''Note''': This tag is optional. `fence_xvmd` is an I/O Fencing host which resides on dom0 and is used in conjunction with the `fence_xvm` fencing agent. Together, these two programs can be used to fence can be used to fence Xen virtual machines which are part of a cluster. There is a requirement that the parent dom0s are also a part of their own CMAN/OpenAIS based cluster, and that the dom0 cluster does not share any members with the domU cluster. Furthermore, the dom0 cluster is required to have fencing if domU recovery is expected to be automatic.
Parent Tag: ``
Attributes:
* `family` (Optional): IP family to use (auto, ipv4, or ipv6; default = auto)
* `multicast_address` (Optional): Multicast address to listen on (default=225.0.0.12 for ipv4, ff02::3:1 for ipv6)
* `port` (Optional): Port to use (default=1229)
* `auth` (Optional): Authentication type (none, sha1, sha256, sha512; default=sha256). This controls the authentication mechanism used to authenticate clients. The three SHA hashes use a key which must be shared between both the Xen virtual machines and the host domain-0 cluster. The three SHA authentication mecha- nisms use a simple bidirectional challenge-response based on pseudo- random number generation and a shared private key.
* `hash` (Optional): Packet hash type (none, sha1, sha256, sha512; default=sha256). This controls the hashing mechanism used to authenticate fencing requests. The three SHA hashes use a key which must be shared between both the Xen virtual machines and the host domain-0 cluster.
* `key_file` (Optional): Use the specified key file for packet hashing / SHA authentication. When both the hash type and the authentication type are set to "none" (or not used), this parameter is ignored.
* `use_uuid=1` (Optional): Fence by UUID instead of Xen Domain name.
== Tag: ==
OpenAIS msg transport protocol.
Parent Tag: ``
Attributes:
* `token` (Optional): This timeout specifies in milliseconds until a token loss is declared after not receiving a token. This is the time spent detecting a failure of a processor in the current configuration. Reforming a new configuration takes about 50 milliseconds in addition to this timeout.
* The default is 10000 milliseconds.
* `token_retransmits_before_loss_const` (Optional): This timeout specifies in milliseconds after how long before receiving a token the token is retransmitted. This will be automatically calculated if token is modified. It is not recommended to alter this value without guidance from the openais community.
* The default is 20 milliseconds.
* `join` (Optional): This timeout specifies in milliseconds how long to wait for join messages in the membership protocol.
* The default is 60 milliseconds.
* `consensus` (Optional): This timeout specifies in milliseconds how long to wait for consensus to be achieved before starting a new round of membership configuration.
* The default is 4800 milliseconds.
== Tag: ==
CMAN service configuration.
Parent Tag: ``
Attributes:
=== Tag: ===
Parent Tag: ``
Attributes:
* `addr`: Address for multicasting. CMAN can be configured to use multicast instead of broadcast (broadcast is used by default if no multicast parameters are given.)
Example:
{{{
}}}
=== Tag: ===
Fence Daemon Configuration
Parent Tag: ``
Attributes:
* post_join_delay: The number of seconds the daemon will wait before fencing any victims after a node joins the domain.
* post_fail_delay: The number of seconds the daemon will wait before fencing any victims after a domain member fails.
* clean_start: Used to prevent any start up fencing the daemon might do. It indicates that the daemon should assume all nodes are in a clean state to start.
Example:
{{{
}}}
''A Note On Fencing''
Fencing is specified within the `cluster.conf` file in two places. The first place is within the `` tag. Any device used for fencing a node must be defined here as a `` first. This applies to power switches (APC, WTI, etc.) with multiple ports that are able to fence multiple cluster nodes, as well as fabric switches and baseboard management fence strategies (iLO, RSA, IPMI, Drac, etc.) that are usually 1 to 1 in nature; that is, one specified fence device is able to fence only one node. After defining the fence devices to be used in the cluster, it is necessary to associate the fence device listings with specific cluster nodes. The second place that fencing is specified within cluster.conf is within the `` tag. Beneath the `` tag, is a `` tag. Beneath the `` tag is one or more `` tag sets. Within a `` tag set, is a `` tag set. This is where the actual association between `` and node takes place. A `` tag has a required "name" attribute that refers to the name of one of the ``'s specified in the `` section of `cluster.conf`.
More about `` blocks:
A method block is like a fence level. If a primary fence method is selected, yet the user wants to define a backup method in case the first fence method fails, this is done by defining two `` blocks for a cluster node, each with a unique name parameter. The fence daemon will call each fence method in the order they are specified under the `` tag set. Fence specification within `cluster.conf` offers one other feature for customizing fence action. Within a `` block, it is allowable to list more than one ``. This is useful when fencing a node with redundant power supplies, for example. The fence daemon will run the agent for each device listed within a `` block before determining success or failure.
=== Tag: ===
Contains all fencing device information.
Parent Tag: ``
Attributes: None
=== Tag: ===
Information about one fence device in particular.
Parent Tag: ``
Attributes:
* `name` (required by ALL fence devices): Name of the fence device.
* `agent` (required by ALL fence devices): Specifies fence agent to be used. See agent list in Table 1 below.
* The following tables list attributes depending on which fence agent is used (all of these attributes listed below are attributes):
==== Type: APC Power Switch ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_apc||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||port||switch outlet port||
||switch||Optional: switch number when ganging Masterswitch Plus switches||
||option||Action required. 'Reboot' (default action if this attr is not present) 'Off' or 'On'||
==== Type: Brocade Fabric Switch ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_brocade||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||port||switch port||
||option||Action required. 'disable' (default action if this attr is not present) or 'enable'||
==== Type: !McData SAN Switch ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_mcdata||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||port||switch port||
||option||Action required. 'disable' (default action if this attr is not present) or 'enable'||
==== Type: QLogic SANBox2 ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_sanbox2||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||port||switch port||
||option||Action required. 'disable' (default action if this attr is not present) or 'enable'||
==== Type: IBM Blade Center ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_bladecenter||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||blade||the blade to operate on||
||option||Action required. 'disable' (default action if this attr is not present) or 'enable'||
==== Type: Bull PAP ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_bullpap||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||domain||Domain of the BullPAP system to power cycle||
||option||Action required. 'reboot' (default action if this attr is not present) 'on' or 'off'||
==== Type: IPMI Lan ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_ipmilan||
||ipaddr||IP address of the device.||
||login||login name for device.||
||passwd||password.||
||auth||Authentication Type: none, 'password', 'md2', or 'md5'||
||lanplus||Use lanplus: 'True' or '1'; leave out for false (only in RHEL4.5 CS and later)||
''' attributes'''
||name||reference to the fence device name attribute above||
||option||Action required. 'reboot' (default action if this attr is not present) 'on' or 'off'||
==== Type: WTI Power Switch ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_wti||
||ipaddr||IP address of the device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||port||The switch outlet port to power cycle||
==== Type: Vixel SAN Switch ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_vixel||
||ipaddr||IP address of the device.||
||passwd||password.||
''' attributes'''
||name||reference to the fence device name attribute above||
||port||The switch port to remove zoning from||
==== Type: HP ilo (Integrated Lights Out) ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_ilo||
||hostname||Hostname or IP Address of the device.||
||login||Login for the device.||
||passwd||password for the device.||
||ribcl||RIBCL protocol version to use. Default action if this attr is not present is to autodetect||
''' attributes'''
||name||reference to the fence device name attribute above||
||action||Action required. 'reboot' (default action if this attr is not present) 'on' or 'off'||
||force||Optional parameter. If set to '1' (force='1'), status will not be initially checked before fencing. The use of this attribute significantly speeds up fencing on this device type.||
==== Type: Global Network Block Device (GNBD) ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_gnbd||
||servers||A whitespace separated list of servers||
''' attributes'''
||name||reference to the fence device name attribute above||
==== Type: Egenera SAN Controller ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_egenera||
||cserver||The cserver to ssh to...the cserver can be of the form user@hostname to log in as a particular user||
||esh||The path to the esh command on the cserver (default is /opt/pan-mgr/bin/esh if this attr is not present)||
''' attributes'''
||name||reference to the fence device name attribute above||
||lpan||The lpan to use||
||pserver||The pserver to fence for this node||
||action||Action required. 'reboot' (default action if this attr is not present) 'on' or 'off'||
==== Type: IBM RSA II ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_rsa||
||ipaddr||IP Address or Hostname of the device.||
||login||Login for the device.||
||passwd||password for the device.||
''' attributes'''
||name||reference to the fence device name attribute above||
||option||Action required. 'Reboot' (default action if this attr is not present) 'On' or 'Off'||
==== Type: RPS10 Serial Switch ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_rps10||
||device||Device name.||
||port||Port to fence.||
''' attributes'''
||name||reference to the fence device name attribute above||
==== Type: Dell DRAC ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_drac||
||ipaddr||Hostname or IP Address of the device.||
||login||Login for the device.||
||passwd||password for the device.||
||drac_version||Force fence agent to use a particular version of DRAC firmware. The default action when not including this attr is to auto-detect||
||cmd_prompt||Optional: Force fence_drac to use this value as the command prompt.||
''' attributes'''
||name||reference to the fence device name attribute above||
||action||Action required. 'reboot' (default action if this attr is not present) 'on' or 'off'||
||modulename||Optional: used when employing DRAC/MC multi-chassis version||
==== Type: Manual Fencing ====
''' attributes'''
||name||reference name for this device within the conf file||
||agent||fence_manual||
''' attributes'''
||name||reference to the fence device name attribute above||
Example:
{{{
}}}
=== Tag: ===
Cluster Nodes Configuration: contains 1 or more `` tags.
Parent Tag: ``
Attributes: None
=== Tag: ===
Per Node configuration.
Parent Tag: ``
Attributes:
* `name` (Required): The hostname or IP Address of the node
* `votes` (Optional - default is 1): number of votes node can cast
* `nodeid` (Required): Each node must have a unique integer value node ID. A node’s application to join the cluster may be rejected if you try to set the nodeid to one that is already used.
Example:
{{{
}}}
=== Tag: ===
Fencing information for the node.
Parent Tag: ``
Attributes: None
=== Tag: ===
Defines a method for fencing the machine.
Parent Tag:
Attributes:
* `name` (required): name for the fencing method, if GUI generated, it is a number.
=== Tag: ===
The device used to fence the node.
Parent Tag: ``
Attributes: See `` section of this document for agent specific attributes for the `` tag.
Example:
{{{
}}}
=== Tag: ===
The RM block holds resources, failover domains and any number of 'group' (\= resourcegroup) blocks.
Parent Tag: ``
Attributes:
* `log_level` (Optional): An integer 0-7, inclusive for all levels less than the selected. 0, system is unusable, emergency;
* 1 action must be taken immediately;
* 2, critical conditions;
* 3, error conditions;
* 4, warning conditions;
* 5, normal but significant condition;
* 6, informational;
* 7, debug-level messages.
* log_facility The facility is one of the following keywords:
* auth
* authpriv
* cron
* daemon
* kern
* lpr
* mail
* news
* syslog
* user
* uucp
* local0 through local7.
Example:
{{{
}}}
=== Tag: ===
All the `` tags go under here.
Parent Tag: ``
Attributes: None
=== Tag: ===
Specify properties of specific failover domains
Parent Tag: ``
Attributes:
* `name` (Required): the name of the failover domain
* `ordered`: Set value to '1' if the failover domain is ordered, '0' if not - default is unordered.
* `restricted`: Set value to '1' if failover domain is restricted, '0' if not - default is unrestricted.
=== Tag: ===
An individual node within a failover domain.
Parent Tag: ``
Attributes:
* `name` (Required): name of the node.
* `priority` (Required): a number representing the priority, with lower numbers having higher priority.
Example:
{{{
}}}